function webform_group_webform_submission_access in Webform 6.x
Same name and namespace in other branches
- 8.5 modules/webform_group/webform_group.module \webform_group_webform_submission_access()
Implements hook_ENTITY_TYPE_access() for webform_submission entities.
File
- modules/
webform_group/ webform_group.module, line 334 - Provides a Webform integration with the Group module.
Code
function webform_group_webform_submission_access(WebformSubmissionInterface $webform_submission, $operation, AccountInterface $account) {
if (!in_array($operation, [
'view',
'update',
'delete',
])) {
return AccessResult::neutral();
}
/** @var \Drupal\webform_group\WebformGroupManagerInterface $webform_group_manager */
$webform_group_manager = \Drupal::service('webform_group.manager');
// During testing we need to only look at the current users group roles.
// @todo Rework webform_group_webform_submission_query_access_alter().
// @see \Drupal\Tests\webform_group\Functional\WebformGroupSubmissionAccessTest
if (drupal_valid_test_ua()) {
// Get the current user's group roles for the current group content.
$user_group_roles = $webform_group_manager
->getCurrentUserGroupRoles();
}
else {
// Get the user's group roles for the current group content.
$user_group_roles = $webform_group_manager
->getWebformSubmissionUserGroupRoles($webform_submission, $account);
}
// Get webform access rules.
$webform = $webform_submission
->getWebform();
$access_rules = $webform_group_manager
->getAccessRules($webform);
// Compare the current user group roles with the admin and permission
// access rules' group roles.
if (array_intersect($access_rules['administer']['group_roles'], $user_group_roles) || array_intersect($access_rules[$operation . '_any']['group_roles'], $user_group_roles) || array_intersect($access_rules[$operation . '_own']['group_roles'], $user_group_roles) && (int) $webform_submission
->getOwnerId() === (int) $account
->id()) {
return AccessResult::allowed()
->cachePerUser()
->addCacheableDependency($webform)
->addCacheableDependency($webform_submission);
}
// No opinion.
return AccessResult::neutral();
}